In today's medical systems, which in the vast majority of cases are used by hospitals, the data is available in digital form and is also exchanged digitally over corresponding networks. In contrast to earlier systems, in which, for example, X-ray images of patients in radiology were still filed and stored as X-ray films, radiological image data is today captured digitally, further processed digitally and/or forwarded digitally to other entities (including external entities).
One advantage of digital data processing in medicine can be seen in the extremely simple and flexible manner in which medical data records are forwarded and made available. The data exchange is normally based on a special protocol, for example the DICOM protocol (DICOM: Digital Information and Communication in Medicine).
Once a patient has left the hospital, it can under certain circumstances also be important for him to be able to access his medical image data, for example when follow-up examinations become necessary for which the already acquired image data or other patient data needs to be available. The data is held in a hospital repository.
There are, however, also problems associated with the transfer of digital data. It is thus easier for attackers to gain unauthorized access to said data records. In other words, it is essential to protect the digital data against unauthorized access while nevertheless keeping the data easily accessible for the patient. The IT resources of the computer entities involved should also be taken into consideration here (bandwidth, addressing of device components, etc.).
Identification and authentication systems are well known in the prior art. As a rule, known cryptological procedures are employed here to prove the identity of a user so as to authenticate him against the system.
In medical systems in particular, it is indispensable that secure communication channels can be made available for communication between patient and hospital or clinical data records. To give the patient in question the greatest possible flexibility in accessing his clinical data records, it is desirable to use mobile electronic devices, such as smartphones or mobile telecommunication facilities, which the patient generally has at his disposal in any case. For this purpose it is necessary to store the personal access data on the respective electronic device and transmit it over the known standardized communication channels, such as those of the relevant mobile network operator.
It is obvious that the personal access data can very easily be corrupted or compromised during such a data exchange. The mobile communication connections can be manipulated relatively easily by an attacker in order to tap the access data or other personal data. Additional security measures are therefore required, but there is an associated high administrative effort, in particular on the part of the patient or the mobile device.
Known systems are therefore based on the provision of a security infrastructure, which as a rule is provided by third-party suppliers so that it is available to the mobile devices. In addition to the high administrative effort, a further disadvantage of the known prior-art systems is that establishing specific security infrastructures reduces the availability of secure authentication.